1. Technical Field of the Invention
The present invention relates generally to the field of wireless telecommunications; and, more particularly, to a smart card and a smart card and security function system for a mobile terminal for a wireless telecommunications system.
2. Description of Related Art
Smart cards are the main secure carriers of private/secret (key) information to authorize electronic access and/or transactions via a mobile terminal of a cellular telecommunications system. In current cellular telecommunications systems, smart cards such as SIM (Subscriber Identity Module) cards and WIM (WAP Identity Module) cards, or combined SIM/WIM cards, are used to securely store user credentials (and keys) to identify the user and to bind the user to a specific transaction, e.g., an electronic purchase. These smart cards comprise so-called ICCs (Integrated Circuit Cards) that are programmed for a specific service/use. Through standardized interfaces (both electrical and logical), a mobile terminal can access information and services provided by the smart card and provide the desired security functions.
Current mobile terminals have only a limited capability to support secure electronic payment services and other secure transactions via a wireless connection; and, in general, smart cards have been used only as carriers of private/secret information and associated services (e.g., electronic signing of data with a private/secret key on the card).
In the future, a mobile terminal will have to handle different smart cards. The lowest level for accessing the information on a smart card can be the mechanical elements that make electrical contact between the mobile terminal and the smart card, or a system that makes a wireless radio or optical (e.g., infrared) contact. By adhering to an API (Application Interface) standard (such as the standard specified in the WIM specifications), mobile terminal software developers can build the driver software through which the security functions in the mobile terminal can gain access to the smart card. Unfortunately, there does not exist one API standard, and this leads to multiple implementations of the software to use the card capabilities. This, in turn, increases the cost of code storage and code development.
Furthermore, due to increased demands for security in mobile terminals, there is and will continue to be a need to handle private/secret data in the mobile terminal. In principle, it is possible to turn the main processing circuit in the mobile terminal into a tamper resistant device such as a smart card. This is not an attractive option, however, as the increased security requirements would effect the design and the production process of the complete ASIC of the main processing circuit (for example, the need for special shielding, tamper detection mechanisms, redesign of signal flow to reduce signal leakage, and the like).
In general, the expected wider use of the capabilities of smart cards requires an efficient system design (software architecture) that allows efficient software development in a mobile terminal in which storage resources are limited and which contribute significantly to the overall cost of the mobile terminal.